Re: BUG: Use after free in detach_pid

Zwane Mwaikambo (zwane@holomorphy.com)
Sat, 22 Mar 2003 15:44:21 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: wind@cocodriloo.com: "Re: 2.4 has O_SYNC bug ?"
Previous message: Andrew Morton: "Re: BUG: Use after free in detach_pid"
In reply to: Andrew Morton: "Re: BUG: Use after free in detach_pid"
Next in thread: William Lee Irwin III: "Re: BUG: Use after free in detach_pid"

On Sat, 22 Mar 2003, Andrew Morton wrote:

> Manfred Spraul <manfred@colorfullife.com> wrote:
> >
> > You mentioned that the last detach_pid() within __unhash_process oopsed. That means the reference count of the task structure was off by one, and the
> > put_task_struct(pid->task)
> > within
> > detach_pid(p,PIDTYPE_PGID);
> > freed the task structure.
> >
>
> Might be related to http://bugme.osdl.org/show_bug.cgi?id=482
> in which someone did put_task_struct() on an already-freed task_struct.
>
> And that was a uniprocessor without pgcl gunk.
>
> It is not known whether preemption was enabled?

CONFIG_PREEMPT=y on 3way P133

-- 
function.linuxpower.ca
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: wind@cocodriloo.com: "Re: 2.4 has O_SYNC bug ?"
Previous message: Andrew Morton: "Re: BUG: Use after free in detach_pid"
In reply to: Andrew Morton: "Re: BUG: Use after free in detach_pid"
Next in thread: William Lee Irwin III: "Re: BUG: Use after free in detach_pid"